Automated digital migration

ABSTRACT

A system, method, and computer-readable medium are disclosed for performing automated, peer-to-peer migrations of entitled digital assets. A first identifier corresponding to a source system, and a first set of entitlement data corresponding to a set of digital assets installed on the source system, are processed to generate a first set of entitlements entitling the source system to use the set of digital assets. The first identifier is then cross-referenced to a second identifier corresponding to a target system. A migration request and the second identifier are received from the target system, which are then processed to initiate the migration of the digital assets from the source system to the target system. The second identifier and the first set of entitlement data are subsequently processed to generate a second set of digital asset entitlements entitling the target system to use the set of digital assets.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The present invention relates to the management of information handlingsystems. More specifically, embodiments of the invention provide asystem, method, and computer-readable medium for performing automated,peer-to-peer migrations of entitled digital assets.

2. Description of the Related Art

As the value and use of information continues to increase, individualsand businesses seek additional ways to process and store information.One option available to users is information handling systems. Aninformation handling system generally processes, compiles, stores,and/or communicates information or data for business, personal, or otherpurposes thereby allowing users to take advantage of the value of theinformation. Because technology and information handling needs andrequirements vary between different users or applications, informationhandling systems may also vary regarding what information is handled,how the information is handled, how much information is processed,stored, or communicated, and how quickly and efficiently the informationmay be processed, stored, or communicated. The variations in informationhandling systems allow for information handling systems to be general orconfigured for a specific user or specific use such as financialtransaction processing, airline reservations, enterprise data storage,or global communications. In addition, information handling systems mayinclude a variety of hardware and software components that may beconfigured to process, store, and communicate information and mayinclude one or more computer systems, data storage systems, andnetworking systems.

In recent years, it has become common for manufacturers to offerpurchasers the ability to order a system custom-configured to theirspecification. These custom-configured systems, which are often orderedon-line, allow the purchaser to select the OS of their choice along witha selection of software and other digital assets to meet theirindividual needs. In some cases, the manufacturer may preinstall the OSand the selected digital assets on the system prior to delivery. Inaddition, the system may be further personalized (e.g., desktop themesand colors, etc.) as a service to the customer. Such customizations andpersonalizations may be limited only by the customer's patience andwillingness to define or describe their ideal system.

However, the process of migrating digital assets from one system toanother is a fairly complex process that poses challenges to many usersand can add hesitation when purchasing a new system. Furthermore, usershave limited choices for migrating software and digital assets from anexisting system to a newly purchased system. For example, a user canpurchase additional software for migration, leverage limited utilitieswithin the operating system, manually transfer files, or simply leavebehind existing data.

As a result, the customer has to locate the original distribution mediaand license keys that came with the existing system or were purchasedlater. In the event of downloaded digital assets, the purchasertypically has to find back-up copies of the original downloaded filesand emails that contain the associated license keys. If they are notlocated, or if they were lost due to a system failure such as a crashedhard drive, the purchaser has to log-on to the digital assets providersite, download the files again, and then perform an authenticationroutine to receive the license keys via email. Moreover, it is notuncommon fir users to misplace or forget their User IDs and passwords.In view of the foregoing, there is a need for more easily migratingdigital assets from an existing system to a new system without requiringthe user to provide installation files and associated license keys.

SUMMARY OF THE INVENTION

A system, method, and computer-readable medium are disclosed forperforming automated, peer-to-peer migrations of entitled digitalassets. In various embodiments, a first personalization agent isinstalled on a source system comprising a first unique system identifierand a second personalization agent is installed on a target systemcomprising a second unique system identifier. The first personalizationagent provides a set of digital asset entitlement data, which correspondto digital assets associated with the source system, to a digital assetentitlement system. The set of digital asset entitlement data is thenprocessed by the digital asset entitlement system to generate a set ofdigital asset entitlements, which is bound to the first unique systemidentifier along with connectivity data associated with the sourcesystem. The first unique system identifier is then cross-referenced tothe second system identifier.

In turn, the second personalization agent installed on the target systemprovides the second unique system identifier to the digital assetentitlement system, where it is used to access the cross-referenceddigital asset entitlement and connectivity data associated with thesource system. The connectivity data is then used by the secondpersonalization agent to establish a peer-to-peer (P2P) communicationssession between the target system and the source system. The secondsystem personalization agent then uses the cross-referenced set ofdigital asset entitlement data to identify which entitled digital assetsare to be migrated from the source system to the target system. Thesecond personalization agent then requests that the firstpersonalization agent migrate the identified entitled digital assetsfrom the source system to the target system.

In response, the source system personalization agent uses the previouslyestablished communication session to perform a peer-to-peer migration ofthe requested entitled digital assets to the target system. The secondpersonalization agent then automatically installs the migrated digitalassets on the target system. Entitlements to the migrated digital assetsare then likewise migrated by removing the digital asset bindings fromthe first unique system identifier corresponding to the source systemand creating new digital asset bindings with the second unique systemidentifier corresponding to the target system.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention may be better understood, and its numerousobjects, features and advantages made apparent to those skilled in theart by referencing the accompanying drawings. The use of the samereference number throughout the several figures designates a like orsimilar element.

FIG. 1 is a general illustration of components of an informationhandling system as implemented in the system and method of the presentinvention;

FIG. 2 is a simplified block diagram of the performance of peer-to-peerdigital assets migration operations;

FIGS. 3 a-b are a simplified block diagram of a unique system identifierthat remains the same when one of its associated system componentidentifiers has been changed;

FIGS. 4 a-b are a simplified block diagram of a unique system identifierthat is changed when one of its associated system component identifiershas been changed;

FIG. 5 is a simplified block diagram of an encrypted unique systemidentifier generated from a set of system component identifiers;

FIG. 6 is a simplified block diagram of a unique system identifierdecrypted from an encrypted unique system identifier;

FIGS. 7 a-b are a generalized flow chart of the performance of digitalasset entitlement operations; and

FIG. 8 is a generalized flow chart of the performance of peer-to-peerdigital assets migration operations.

DETAILED DESCRIPTION

A system, method, and computer-readable medium are disclosed forperforming automated, peer-to-peer migrations of entitled digitalassets. For purposes of this disclosure, an information handling systemmay include any instrumentality or aggregate of instrumentalitiesoperable to compute, classify, process, transmit, receive, retrieve,originate, switch, store, display, manifest, detect, record, reproduce,handle, or utilize any form of information, intelligence, or data forbusiness, scientific, control, or other purposes. For example, aninformation handling system may be a personal computer, a networkstorage device, or any other suitable device and may vary in size,shape, performance, functionality, and price. The information handlingsystem may include random access memory (RAM), one or more processingresources such as a central processing unit (CPU) or hardware orsoftware control logic, ROM, and/or other types of nonvolatile memory.Additional components of the information handling system may include oneor more disk drives, one or more network ports for communicating withexternal devices as well as various input and output (I/O) devices, suchas a keyboard, a mouse, and a video display. The information handlingsystem may also include one or more buses operable to transmitcommunications between the various hardware components.

FIG. 1 is a generalized illustration of an information handling system100 that can be used to implement the system and method of the presentinvention. The information handling system 100 includes a processor(e.g., central processor unit or “CPU”) 102, input/output (I/O) devices104, such as a display, a keyboard, a mouse, and associated controllers,a hard drive or disk storage 106, and various other subsystems 108. Invarious embodiments, the information handling system 100 also includesnetwork port 110 operable to connect to a network 140, which is likewiseaccessible by a service provider server 142. The information handlingsystem 100 likewise includes system memory 112, which is interconnectedto the foregoing via one or more buses 114. System memory 112 furthercomprises operating system (OS) 116 and in various embodiments may alsocomprise a digital asset entitlement system 118. In these and otherembodiments, the digital asset entitlement system 118 may likewisecomprise a user service and support module 120, a digital fulfillmentmodule 122, a system identification and security module 124, apersonalization module, an entitlement module 128, a sales integrationmodule, a manufacturing integration module 132, and a digital assetmigration module 134. In one embodiment, the information handling system100 is able to download the digital asset entitlement system 118 fromthe service provider server 142. In another embodiment, the digitalsasset entitlement system 118 is provided as a service from the serviceprovider server 142.

FIG. 2 is a simplified block diagram of the performance of peer-to-peerdigital assets migration operations. In various embodiments, a digitalasset entitlement system 118 is implemented for managing the entitlementof a system 204 to process a digital asset 246. In these and otherembodiments, the digital asset entitlement system 218 may be implementedon one or more servers 210, which are connected to a network 252. Invarious embodiments, the network 252 may comprise a public network, suchas the Internet, a physical private network, a virtual private network(VPN), or any combination thereof. As shown in FIG. 2, the digital assetentitlement system 118 comprises a user service and support module 120,a digital fulfillment module 122, and a system identification andsecurity module 124. The digital asset entitlement system 118 likewisecomprises a personalization module 126, an entitlement module 128, asales integration module 130, a manufacturing integration module 132,and a digital asset migration module 134. Likewise, the digital assetentitlement system 118 is able to access a digital assets datarepository 212, an entitlement data repository 214, and a systemidentifier (ID) data repository 216, each of which may be implemented onone or more servers 210 connected to a network 252.

As used herein, a digital asset 246 refers to any digital asset such asa software application, a deliverable or performable service, music,video, software activation key, personalization instructions, files,etc. that are digitally deliverable either wholly or partially. Aslikewise used herein, a digital assets entitlement refers to theassociation of a predetermined digital asset 246 with either a source204 target 254 system. In various embodiments, an entitlement recordcontains digital assets entitlement data (e.g., license information,etc.) that allows the digital asset 246 to be respectively processed bythe source 204 target 254 system, which are likewise respectivelyidentified by a corresponding unique source 206 or target 256 systemidentifier. In these and other embodiments, the entitlement record isprocessed by the entitlement module 128 and stored in the entitlementdata repository 214. As used herein, a source 204 or target 254 systemmay comprise a personal computer, a laptop computer, or a tabletcomputer operable to establish an on-line session with the digital assetentitlement system 118 over a connection to network 252. The source 204or target 254 system may also comprise a personal digital assistant(PDA), a mobile telephone, or any other suitable device operable tostore a unique source 206 or target 256 system ID, respectively performdigital asset entitlement operations with a source 208 or target 258system personalization agent, and operable to establish a connectionwith network 252.

In various embodiments, digital assets entitlement and systempersonalization operations are performed by a user, such as a systempurchaser 202, in on-line environment. As an example, an on-lineenvironment may comprise a system manufacturer 234 or digital assetsvendor 238 that respectively accepts on-line orders for systems ordigital assets over a connection to network 252.

In these and other embodiments, the system purchaser 202 decides whetherto purchase a custom-configured or pre-configured target 254 system. Ifthe target 254 system is to be pre-configured, then it is selected foron-line purchase by the system purchaser 202 and its unique targetsystem 256 identifier is determined. In one embodiment, the uniquetarget 256 system identifier is stored in the BIOS of the pre-configuredtarget 254 system. However, if the target 254 system is to becustom-configured, then it is custom-configured on-line by the systempurchaser 202. Once manufactured by the system manufacturer 234, aunique target 256 system identifier is generated as described in greaterdetail herein.

In various embodiments, the manufacturing integration module 132coordinates the custom configuration of the target 254 system with thesystem manufacturer 234. Likewise, the system identification andsecurity module 124 coordinates the generation of the unique target 256system identifier and its storage in the repository of system identifierdata 216. The system purchaser 202 then selects one or more digitalassets 246 for on-line purchase, followed by selecting personalizationoptions for the pre-configured or custom-configured system. In variousembodiments, the personalization module 126 coordinates the selection ofpersonalization options with the system manufacturer 234 or digitalassets vendor 238. As used herein, a system personalization optionrefers to any feature, capability, or function that may be applied to atarget system. As an example, a personal computer desktop wallpaper oruser interface options (e.g., a “classic” interface) are personalizationoptions.

A purchase transaction for the custom-configured or pre-configuredsystem target 254 system and any associated digital assets 246 andpersonalization options is then completed. In various embodiments, theprocessing of the purchase transaction is performed by the salesintegration module 130. In these and other embodiments, the financialproceeds of the purchase transaction may be settled between multipleparties. For example, a system manufacturer 234 may receive a portion ofthe purchase transaction corresponding to the cost of the target 254system. One or more digital assets vendors 238 may likewise receive aproportionate share of the purchase transaction corresponding to thedigital assets 246 they respectively provide.

Digital asset entitlement operations, as described in greater detailherein, are then performed by the digital asset entitlement system 118to bind the digital assets 246, the personalization options, and theirrespective digital assets entitlement data to the unique target 256system identifier of the target 254 system. The resulting digital assetentitlements, including data associated with the digital assets (e.g.,installation files, etc.) is then stored in the repository ofentitlement data 214.

The digital asset migration module 134 then presents the systempurchaser 202 an option to opt-in to perform automated, peer-to-peermigration of entitled digital assets from the source 204 system to thetarget 254 system. If the system purchaser 202 elects to opt-in, then adetermination is made whether a source 208 system personalization agentis loaded on the source 204 system. If not, then it is loaded onto thesource 208 system. In one embodiment, the source 208 systempersonalization agent is loaded onto the source 204 system by thepersonalization module 126. The source 208 system personalization agentqueries the source 204 system to determine its unique source 206 systemidentifier and to collect associated connectivity data (e.g., IPaddress, user ID, password, etc.). Inventory operations are thenperformed by the source 208 system personalization agent to inventorydigital assets and any associated digital assets entitlement datainstalled on the source 204 system. In various embodiments, theinventoried digital assets 246 may comprise personalization settings andauthentication credentials.

The inventoried digital assets 246 and associated digital assetsentitlement data are then presented to the system purchaser 202, whothen selects digital assets 246 to be migrated to the target 254 system.The source 208 system personalization agent then automaticallyestablishes a connection with the digital asset entitlement system 118and uses the unique source 206 system identifier to authenticate thesource 204 system. The unique source 208 system personalization agentthen uploads the inventoried digital assets entitlement and connectivitydata associated with the source 204 system. The digital assetentitlement system 118 then performs comparison operations between thedigital assets 246 and the digital assets entitlement data respectivelycorresponding to the unique source 206 and target 256 system identifiersof the source 204 and target 254 systems.

A determination is then made whether any digital asset entitlement dataassociated with the inventoried digital assets 246 installed on thesource 204 system is missing. If it is determined that any digital assetentitlement data is missing, then the system purchaser 202 is promptedto provide the missing digital asset entitlement data (e.g., missinglicense keys) that is associated with the inventoried digital assets 246currently associated with the unique source 206 system identifier.

Once any missing digital asset entitlement data has been provided by thesystem purchaser 202, digital assets entitlements for the source 204system are generated. In various embodiments, the digital assetsentitlements are generated by performing digital asset entitlementoperations, as described in greater detail herein, to bind the digitalassets 246, the personalization options, and their respective digitalassets entitlement data to the unique source 206 system identifier ofthe source 204 system. The resulting digital asset entitlements for thesource 204 system are then stored in the digital asset entitlementsystem 118. In one embodiment, the associated digital assets 246 areuploaded from the source 204 system and stored in the digital assetsrepository 212 for subsequent migration to the target 254 system. Theunique target 256 system identifier of the target 206 system is thencross-referenced to the unique source 206 system identifier of thesource 204 system within the digital asset entitlement system 118. Thecustom-configured or pre-configured target 254 system is delivered tothe system purchaser 202. In various embodiments, the entitlement module128 generates, and then processes, the digital assets entitlement dataand the user service and support module 120 coordinates the delivery ofthe target 254 system to the system purchaser 202.

Standard operating system (OS) out-of-the-box-experience (OOBE) orhypervisor boot operations are performed on the target 254 system,followed by activating the target 258 system personalization agent. Invarious embodiments, the target 258 system personalization agent has aunique identifier that is associated with one or more unique systemcomponent identifiers. In one embodiment, the unique identifier of thetarget 258 system personalization agent is uniquely associated with thecurrent unique target 256 system identifier associated with the target254 system. In another embodiment, a portion of the target 258 systempersonalization agent is delivered to the target 258 system in anencrypted form and is then decrypted prior to being loaded on the target254 system. In this embodiment, the primary system identifier (e.g.,service tag number, serial number, etc.), is used as a decryption key todecrypt the target 258 system personalization agent.

In various other embodiments, secondary system identifiers are stored onthe target 254 system (e.g., in the BIOS, in Flash memory, on a harddisk, etc.) as well as in the digital asset entitlement system 118. Inthese and other embodiments, the digital asset entitlement system 118uses the secondary system identifiers to encrypt a portion of the target258 system personalization agent before it is loaded onto the target 254system. Once activated, the unencrypted portion of the target 258 systempersonalization agent uses the secondary system identifiers stored onthe target 254 system to decrypt the encrypted portion of the target 258system personalization agent. In one embodiment, the secondary systemidentifiers are likewise encrypted and are first decrypted before theyare used to decrypt the encrypted portion of the target 258 systempersonalization agent. In another embodiment, the secondary systemidentifiers are stored in a Trusted Platform Module (TPM). Skilledpractitioners of the art will recognize that many such embodiments arepossible and the foregoing is not intended to limit the spirit, scope,or intent of the invention.

The target 258 system personalization agent then queries the target 254system for its unique target 256 system identifier. In variousembodiments, the unique system identifier associated with the targetsystem is stored in the target 254 system's BIOS, flash memory, a harddisk, or other memory device. However, if hypervisor (e.g., virtualmachine monitor, or VMM) first boot operations are performed on thetarget 254 system instead, then a service OS comprising an embeddedvirtual machine monitor (VMM) and an embedded target 258 systempersonalization agent are loaded on the target 254 system.

The embedded target 258 system personalization agent then queries thetarget 254 system for its unique target 256 system identifier. Thetarget 258 system personalization agent then automatically establishes aconnection with the digital asset entitlement system 118 and uses thetarget 254 system's unique target 256 system identifier to authenticateit to the digital asset entitlement system 118.

The unique target 256 system identifier is then used by the target 258system personalization agent loaded on the target 254 system todetermine its entitled digital assets, including OS and personalizationoptions. In various embodiments, the OS and personalization options arecontained in an entitled digital assets and personalization optionsvirtual software image corresponding to the unique target 256 systemidentifier. In these and other embodiments, the virtual software imagecomprises an operating system, such a Windows® variant produced byMicrosoft® Inc., or a Linux OS variant. In certain of these embodiments,such virtual software images may contain additional digital assets 246,such as software application and digital content, which may beassociated with a predetermined user of the system. As an example, auser in an accounting department may be associated with a virtualsoftware image comprising a Windows® OS variant and a financial softwareapplication. As another example, a user in an engineering department maybe associated with a virtual software image comprising a Linux OSvariant and a computer-aided-design (CAD) software application. Skilledpractitioners of the art will realize that many such embodiments arepossible and that the foregoing are not intended to limit the spirit,scope or intent of the invention.

Once determined, the corresponding virtual software image comprisingpersonalization option settings and digital assets 246, along with theirassociated digital assets entitlement data is downloaded to the target254 system. Once downloaded, the target 258 system personalization agentprovisions the target 254 system by using the digital assets entitlementdata to install the virtual software image.

The target 258 system personalization agent installed on the target 254system then uses the unique target 256 system identifier to determinethe previously cross-referenced unique source 206 system identifier ofthe source 204 system. Once determined, the target 258 systempersonalization agent uses the connectivity data (e.g., IP address, userID, password, etc.) associated with the unique source 206 systemidentifier to establish a communications session with the source 204system. The target 258 system personalization agent then uses thecross-referenced unique source 206 system identifier of the source 204system to identify which entitled digital assets are to be migrated fromthe source 204 system to the target 254 system. The target 258 systempersonalization agent then requests that the source 208 systempersonalization agent migrate the identified entitled digital assetsfrom the source 204 system to the target 254 system. In response, thesource 258 system personalization agent uses the previously establishedcommunication session to perform a peer-to-peer migration of therequested entitled digital assets 246 to the target 254 system.

The target 258 system personalization agent then automatically installsthe migrated entitled digital assets 246 on the target 254 system.Entitlements to the migrated digital assets 246 are then likewisemigrated removing the digital asset bindings from the unique source 206system identifier of the source 204 system and creating new digitalasset bindings with the unique target 256 system identifier of thetarget 254 system. The resulting entitlements to the digital assets 246installed on the target 254 system are then stored in the digital assetentitlement system 118.

FIGS. 3 a-b urea simplified block diagram of a unique system identifierthat remains the same when one of its associated system componentidentifiers has been changed in accordance with an embodiment of theinvention. As shown in FIG. 3 a, an original unique system identifier320 is generated from a plurality of unique system component identifiers302, which correspond to a plurality of system components contained in atarget system. As likewise shown in FIG. 3 a, the unique systemcomponent identifiers 302 comprise a Model Number 304 ‘SA310J43, aSerial Number 306, sometimes referred to as a service tag number or aprimary system identifier, ‘SEM5239923875’, a Factory ID 308 ‘AUS’, anda Manufacture Date 310 ‘111909’. The unique system component identifiers302 likewise comprise an Original Motherboard ID 314 ‘19374WS238017BH’,a Processor ID 316 ‘92348430-432919237’, a Hard Drive ID 318‘L83747HJ3672’, etc.

As described in greater detail herein, once generated, the originalunique system identifier 320 is associated, such as through a bindingoperation, with predetermined digital assets 332 to generate a digitalassets entitlement 330. As likewise described in greater detail herein,the digital assets entitlement 330 entitles a target system, which isassociated with the original unique system identifier 320, to processthe digital assets 332. However, it is not uncommon for systemcomponents to be replaced due to failure, erratic performance, becomingoutmoded, or for other reasons. It will be appreciated that theentitlement 330 between the original unique system identifier 320 andthe digital assets 332 may be compromised as a result of such areplacement. For example, as illustrated in FIG. 3 b, the OriginalMotherboard ID 314 ‘19374WS238017BH’ has been replaced with a NewMotherboard ID 334 ‘56812FR853945PL’. However, the original uniquesystem identifier 320 remains unchanged.

In various embodiments, extract, transform, and load (ETL) and otherdatabase operations are performed to manage the integrity of therelationship between the original unique system identifier 320 and theplurality of unique system component identifiers 302. As an example, theOriginal Motherboard ID 314 ‘19374WS238017BH’ may remain as a subset ofthe original unique system identifier 320, even though it may have beendeactivated or invalidated as a unique system component identifier 302.However, in these and other embodiments, relational database operationsknown to those of skill in the art may be applied to maintain therelationship between the original unique system identifier 320, the NewOriginal Motherboard ID 334 ‘56812FR853945PL’, and the unchanged uniquesystem component identifiers 302. Accordingly, the integrity of theentitlement 330 between the original unique system identifier 320 andthe digital assets 332 is perpetuated. It will be apparent to skilledpractitioners of the art that many such embodiments are possible and theforegoing is not intended to limit the spirit, scope, or intent of theinvention.

FIGS. 4 a-b are a simplified block diagram of a unique system identifierthat is changed when one of its associated system component identifiershas been changed in accordance with an embodiment of the invention. Asshown in FIG. 4 a, an original unique system identifier 320 is generatedfrom a plurality of unique system component identifiers 302, whichcorrespond to a plurality of system components contained in a targetsystem. As likewise shown in FIG. 3 a, the unique system componentidentifiers 302 comprise a Model Number 304 ‘SA310J43, a Serial Number306, sometimes referred to as a service tag number or a primary systemidentifier, ‘SEM5239923875’, a Factory ID 308 ‘AUS’, and a ManufactureDate 310 ‘111909’. The unique system component identifiers 302 likewisecomprise an Original Motherboard ID 314 ‘19374WS238017BH’, a ProcessorID 316 ‘92348430-432919237’, a Hard Drive ID 318 ‘L83747HJ3672’, etc.

As described in greater detail herein, once generated, the originalunique system identifier 320 is associated, such as through a bindingoperation, with predetermined digital assets 332 to generate a digitalassets entitlement 330. As likewise described in greater detail herein,the digital assets entitlement 330 entitles a target system, which isassociated with the original unique system identifier 320, to processthe digital assets 332. However, it is not uncommon for systemcomponents to be replaced due to failure, erratic performance, becomingoutmoded, or for other reasons. It will be appreciated that theentitlement 330 between the original unique system identifier 320 andthe digital assets 332 may be compromised as a result of such areplacement. For example, as illustrated in FIG. 4 b, the OriginalMotherboard ID 314 ‘19374WS238017BH’ has been replaced with a NewMotherboard ID 334 ‘56812FR853945PL’. As a result, a new unique systemidentifier 420 is generated, which is a concatenation of the pluralityof unique system component identifiers 402, including the New OriginalMotherboard ID 334 ‘56812FR853945PL’ as a subset. In certainembodiments, such as when an old system is replaced with an entirely newsystem, none of the unique system component identifiers 402 associatedwith the new unique system identifier 420 are the same as the uniquesystem component identifiers 302 associated with the original uniquesystem identifier 320.

In various embodiments, a first set of operations are performed toremove the entitlement 330 between the original unique system identifier320 and digital assets 332. A second set of operations are thenperformed to associate the new unique system identifier 420 with thedigital assets 332 to generate a new entitlement 430. In these and otherembodiments, the original unique system identifier 320 is theninvalidated. Accordingly, the integrity of the original entitlement 330between the original unique system identifier 320 and the digital assets332 is perpetuated by the new entitlement 430 between the new uniquesystem identifier 420 and the digital assets 332. In certainembodiments, an old system comprising an original unique systemidentifier 320 is replaced with an entirely new system comprising a newunique system identifier 420. In these and other embodiments, thegeneration of a new entitlement 430 and the invalidation of the originalunique system identifier 320 migrates the entitlement of the digitalassets 332 from the old system to the new system. Skilled practitionersof the art will recognize that many such embodiments are possible andthe foregoing is not intended to limit the spirit, scope, or intent ofthe invention.

FIG. 5 is a simplified block diagram of an encrypted unique systemidentifier generated from a set of system component identifiers inaccordance with an embodiment of the invention. In this embodiment, asource unique system identifier 520 is generated from a plurality oforiginal unique system component identifiers 502, which correspond to aplurality of system components contained in a target system. As shown inFIG. 5, the original unique system component identifiers 502 comprise aModel Number 304 ‘SA310J43, a Serial Number 306, sometimes referred toas a service tag number or a primary system identifier, ‘SEM5239923875’,a Factory ID 308 ‘AUS’, a Timestamp Date 510 ‘111909’, and a TimestampTime 512 ‘14:27:26:34’. The original unique system component identifiers502 likewise comprise an Original Motherboard ID 314 ‘19374WS238017BH’,a Processor ID 316 ‘92348430-432919237’, a Hard Drive ID 318‘L83747HJ3672’, etc.

An encryption operation 524 is then performed on the source uniquesystem identifier 520 to generate an original encrypted unique systemidentifier 528. In various embodiments, the encryption operation maycomprise the use of a private key, a public key, key pairs, or anycombination of keys and cryptographic operations such as implemented ina public key infrastructure (PKI). As an example, the original encryptedunique system identifier 528 may be generated using a private keyassociated with the manufacturer of the system and a public keyassociated with the system itself. In one embodiment, the Timestamp Date510 ‘111909’ and the Timestamp Time 512 ‘14:27:26:34’ are likewise usedto generate the encrypted unique system identifier 528. Skilledpractitioners of the art will be familiar with such cryptographicoperations and recognize that many such embodiments are possible andthat the foregoing is not intended to limit the spirit, scope, or intentof the invention.

As described in greater detail herein, once generated, the originalencrypted unique system identifier 528 is associated, such as through abinding operation, with predetermined digital assets 332 to generate adigital assets entitlement 530. As likewise described in greater detailherein, the digital assets entitlement 530 entitles a target system,which is associated with the original encrypted unique system identifier528, to process the digital assets 332.

FIG. 6 is a simplified block diagram of a unique system identifierdecrypted from an encrypted unique system identifier in accordance withan embodiment of the invention. It is not uncommon for system componentsto be replaced due to failure, erratic performance, becoming outmoded,or for other reasons. However, the replaced system component willtypically have a different unique system component identifier. As aresult, the entitlement association between a unique system identifierand predetermined digital assets may be compromised as a result of sucha replacement, which in turn may prevent the target system fromprocessing the digital assets.

In various embodiments, the unique system component identifier of thereplacement system component is unknown until it is replaced in thetarget system. In these and other embodiments, the system component isreplaced in the target system, the target system is then initiated(e.g., booted), and an inventory of unique system component identifiersis performed. In one embodiment, one or more unique system componentidentifiers, such as a serial number or service tag, are visible and maybe visually inventoried. In another embodiment, one or more uniquesystem component identifiers, such as a motherboard, processor, or harddrive serial number, are not visible and may be automaticallyinventoried.

As shown in FIG. 6, a new source unique system identifier 650 isgenerated from the inventoried unique system component identifiers. Inone embodiment, a time stamp date and a time stamp time are componentsof the new source unique system identifier 650. In this embodiment, thetime stamp date and a time stamp time are used to validate theauthenticity of the new source unique system identifier 650. As anexample, the provider of the replacement part may have stipulated thatthe replacement part be replaced on Nov. 12, 2009, between 8:00 AM and6:00 PM. Accordingly, a time state date of Nov. 12, 2009 and a timestamp time of 16:33:42:05 would provide validation that the replacementpart was replaced within the specified date and time interval.

An encryption operation 652 is then performed on the new source uniquesystem identifier 650 to generate a new encrypted unique systemidentifier 628. As an example, the encryption operation may be performedusing a private key associated with the target system and a public keyassociated with the provider of the replacement system component. Thenew encrypted unique system identifier 628 is then communicated to adigital asset entitlement system, which in turn performs a decryptionoperation 626 to generate a decrypted unique system identifier 622.

As likewise shown in FIG. 6, extract, transform, and load (ETL) andother database operations 634 are performed on the decrypted uniquesystem identifier 622 to generate new unique system componentidentifiers 602. As shown in FIG. 6, the new unique system componentidentifiers now comprise a Model Number 304 ‘SA310J43, a Serial Number306, ‘SEM5239923875’, a Factory ID 308 ‘AUS’, a Timestamp Date 610‘112009’, and a Timestamp Time 612 ‘16:33:42:05’. The new unique systemcomponent identifiers 602 likewise comprise a New Motherboard ID 314‘56812FR853945PL’, a Processor ID 316 ‘92348430-432919237’, a Hard DriveID 318 ‘L83747HJ3672’, etc. In one embodiment, the Timestamp Date 610and the Timestamp Time 612 are compared to previously authorizedtimestamp date and timestamp times to validate the authenticity of thenew unique system component identifiers 602 and their correspondingdecrypted unique system identifier 622. In this and other embodiments,if the decrypted unique system identifier 622 is validated, then a firstset of operations are performed to remove the entitlement between theoriginal encrypted unique system identifier and digital assets 332. Asecond set of operations are then performed to associate the newencrypted unique system identifier 628 with the digital assets 332 togenerate a new entitlement 630. Accordingly, the integrity of theoriginal entitlement between the original encrypted unique systemidentifier and the digital assets 332 is perpetuated by the newentitlement 630 between the new encrypted unique system identifier 628and the digital assets 332.

In various other embodiments, the provider of the replacement systemcomponent is able to determine its associated unique system componentidentifier. In one embodiment, the unique system component identifier isknown in advance. In another embodiment, the unique system componentidentifier may be one of a pool of, or a range of possible unique systemcomponent identifiers set aside for replacement purposes. As describedin greater detail herein, anew source unique identifier is generated,using the unique system component identifier of the component to bereplaced. Once the new source unique identifier is generated the uniquesystem component identifier of the replaced system component isinvalidated. In these and other embodiments, the system component isreplaced in the target system, the target system is then initiated(e.g., booted), and an inventory of unique system component identifiersis performed. In one embodiment, one or more unique system componentidentifiers, such as a serial number or service tag, are visible and maybe visually inventoried. In another embodiment, one or more uniquesystem component identifiers, such as a motherboard, processor, or harddrive serial number, are not visible and may be automaticallyinventoried.

As shown in FIG. 6, a new source unique system identifier 650 isgenerated from the inventoried unique system component identifiers. Inone embodiment, a time stamp date and a time stamp time are componentsof the new source unique system identifier 650. In this embodiment, thetime stamp date and a time stamp time are used to validate theauthenticity of the new source unique system identifier 650. Anencryption operation 652 is then performed on the new source uniquesystem identifier 650 to generate a new encrypted unique systemidentifier 628. As an example, the encryption operation may be performedusing a private key associated with the target system and a public keyassociated with the provider of the replacement system component. Thenew encrypted unique system identifier 628 is then communicated to adigital asset entitlement system, which in turn performs a decryptionoperation 626 to generate a decrypted unique system identifier 622.

Comparison operations 654 are then performed between the new sourceunique system identifier and the decrypted unique system identifier 622.If the comparison operations 654 are successful, then a first set ofoperations are performed to remove the entitlement between the originalencrypted unique system identifier and digital assets 332. A second setof operations are then performed to associate the new encrypted uniquesystem identifier 628 with the digital assets 332 to generate a newentitlement 630. Accordingly, the integrity of the original entitlementbetween the original encrypted unique system identifier and the digitalassets 332 is perpetuated by the new entitlement 630 between the newencrypted unique system identifier 628 and the digital assets 332.Skilled practitioners of the art will recognize that many suchembodiments are possible and the foregoing is not intended to limit thespirit, scope, or intent of the invention.

FIGS. 7 a-b are a generalized flow chart of the performance of digitalasset entitlement operations in an embodiment of the invention, In thisembodiment, digital asset entitlement operations are started in step702, followed by the selection of a target system in step 704 fordigital assets entitlement. The unique system identifier of the targetsystem, as described in greater detail herein, is determined in step706, followed by a determination being made in step 708 whether a devicerecord has been established fir the target system. If not, then thedevice record is generated in step 710. As used herein, a device recordrefers to a data record containing data related to a system which willreceive an entitlement to process associated digital assets. In variousembodiments, the unique system identifier of the target system is storedin the device record. In various embodiments, other records may beassociated with the device record to further describe the system, suchas its model, type, make, internal identifiers, etc.

Once the device record has been generated, or if it is determined instep 708 that it has already been established, then a determination ismade in step 712 whether an account record has been established for auser. If not, then the account record is generated for the user in step714. As used herein, an account record refers to a data recordcontaining data related to the association of multiple devices orsystems to one or more entities. In various embodiments, the entity maybe a single individual or a group of individuals. As an example, theentity may be a household with multiple PCs, a small business withseveral employees, a large corporation with many employees, etc. Otherrecords may be attached to the account to further describe the accountholder, payment information related to the account, etc. Accounts mayfurther be broken down or organized into sub-accounts as needed, such asto describe departments within an enterprise). In various embodiments, auser may be associated with a single device or system or multipledevices or systems in the account record. Conversely, a group of usersmay be associated with a single device or system or multiple devices inthe account record. Furthermore groups of individual users may likewisebe associated with groups of individual devices or systems. Those ofskill in the art will recognize that many such associations are possibleand the foregoing is not intended to limit the spirit, scope, or intentof the invention. Once the account record has been generated, or if itis determined in step 712 that it has already been established, then adetermination is made in step 716 whether the account record isassociated with the target system. If not, then the account record isassociated with the target system in step 718.

Once the account record has been associated with the target system, orif it is determined in step 716 that it has already been associated,then a target list of digital assets is presented in step 720 forentitlement. A determination is then made in step 722 whether togenerate an entitlement for a digital asset. If not, then adetermination is made in step 732 whether to continue digital assetentitlement operations. If so, then the process is continued, proceedingwith step 704. Otherwise digital asset entitlement operations are endedin step 734. However, if it is determined in step 722 to generate anentitlement for a digital asset, then a target digital asset is selectedin step 724. A digital assets entitlement is then generated in step 726by performing operations to associate the selected digital asset'scorresponding license record with the aforementioned device record,account record, and other predetermined records. The resulting digitalassets entitlement association is then added to the entitlement recordin step 728. A determination is then made in step 730 whether togenerate another digital assets entitlement. If so, the process iscontinued, proceeding with step 724. Otherwise, a determination is madein step 732 whether to continue digital asset entitlement operations. Ifso, then the process is continued, proceeding with step 704. Otherwisedigital asset entitlement operations are ended in step 734.

FIG. 8 is a generalized flow chart of the performance of peer-to-peerdigital assets migration operations in accordance with an embodiment ofthe invention. In this embodiment, peer-to-peer digital asset migrationoperations are begun in step 802, followed by determining in step 804whether the new system is to be a custom-configured system or apre-configured system. If it is determined in step 804 that the newsystem is to be pre-configured, then the system purchaser selects thetarget system for on-line purchase in step 806. The unique identifierfor the selected pre-configured system is then determined in step 808.In one embodiment, the unique system identifier is stored in the BIOS ofthe pre-configured system.

However, if it is determined in step 804 that the new system is to be acustom-configured system, then the system purchaser configures thesystem for on-line purchase in step 810. The system is then manufacturedin step 812 according to the custom configuration selections made by thepurchaser in step 810. Once manufactured, a unique system identifier isgenerated in step 814, as described in greater detail herein. Then, orafter the unique system identifier is deter for the pre-configuredsystem in step 808, the system purchaser selects digital assets foron-line purchase in step 816, followed by selecting personalizationoption settings for the custom-configured system in step 818.

A purchase transaction for the custom-configured or pre-configuredtarget system and any associated digital assets and personalizationoptions is completed in step 818. Digital asset entitlement operations,as described in greater detail herein, are then performed by a digitalasset entitlement system in step 822 to bind the digital assets, thepersonalization options, and their respective digital assets entitlementdata to the unique system identifier of the target system. The resultingdigital asset entitlements for the target system are then stored in thedigital asset entitlement system in step 824.

A determination is made in step 826 whether to opt-into peer-to-peermigration of digital assets. If so, then a determination is then made instep 828 whether a personalization agent is loaded on the source system.If it is determined in step 828 that a personalization agent is notloaded on the source system, then it is loaded in step 830. Thereafter,or if it is determined in step 828 that a personalization agent isalready loaded on the source system, the personalization agent queriesthe target system to determine its unique system identifier and tocollect associated connectivity data (e.g., IP address, user ID,password, etc.) in step 832. Inventory operations are then performed instep 834 by the personalization agent to inventory digital assets andany associated digital assets entitlement data installed on the sourcesystem.

Then, in step 836, the inventoried digital assets and associated digitalassets entitlement data are then presented to the user of the sourcesystem, who then selects digital assets to be migrated in step 838. Thepersonalization agent then automatically establishes a connection withthe digital asset entitlement system in step 840 and uses the uniquesystem identifier to authenticate the source system and then upload theinventoried digital assets entitlement and connectivity data associatedwith the source system. The digital asset entitlement system thenperforms comparison operations in step 842 between the digital assetsand the digital assets entitlement data respectively corresponding tothe unique system identifiers of the source and target systems.

A determination is then made in step 844 whether any digital assetentitlement data associated with the inventoried digital assetsinstalled on the source system is missing. If so, then the missingdigital asset entitlement data is determined in step 846, followed bythe user being prompted in step 848 to provide the missing digital assetentitlement data (e.g., missing license keys) that is associated withthe inventoried digital assets currently associated with the sourcesystem's unique system identifier. The user then provides the requesteddigital assets license keys or other missing digital assets entitlementdata in step in step 850.

Thereafter, or if it was determined in step 844 that no digital assetentitlement data associated with the inventoried digital assetsinstalled on the source system was missing, then digital assetentitlements are then generated in step 852. In various embodiments, thedigital asset entitlements are generated by performing digital assetentitlement operations, as described in greater detail herein, to bindthe digital assets, the personalization options, and their respectivedigital assets entitlement data to the unique system identifier of thesource system. The resulting digital asset entitlements for the sourcesystem are then stored in the digital asset entitlement system in step854. The unique system identifier of the target system is thencross-referenced to the unique system identifier of the source systemwithin the digital asset entitlement system in step 856. Then, or if itwas determined in step 826 not to opt-in for peer-to-peer digital assetentitlement migration, the custom-configured or pre-configured system isdelivered to the system purchaser in step 858.

A determination is then made in step 860 whether to perform standardoperating system (OS) out-of-the-box-experience (OOBE) or hypervisorfirst boot operations on the target system. If it is determined in step860 to perform standard OS OOBE operations, then they are performed onthe target system in step 862, followed by the activation of thepreviously-loaded personalization agent on the target system in step864.

The personalization agent then queries the target system for its uniquesystem identifier in step 866. In various embodiments, the unique systemidentifier associated with the target system is stored in the targetsystem's BIOS, flash memory, a hard disk, or other memory device.However, if it is determined in step 860 to perform hypervisor (e.g.,virtual machine monitor, or VMM) first boot operations on the targetsystem, then they are performed in step 868. Then, in step 870, aservice OS comprising an embedded virtual machine monitor (VMM) and anembedded personalization agent are loaded on the target system.

The embedded personalization agent then queries the target system forits unique system identifier in step 872. Thereafter, or once thepersonalization agent queries the target system for its unique systemidentifier in step 866, the respective personalization agentautomatically establishes a connection with the digital assetentitlement system in step 874 and uses the target system's uniquesystem identifier to authenticate it to the digital asset entitlementsystem.

Then, in step 876, the unique system identifier is used by thepersonalization agent loaded on the target system to determine itsentitled digital assets, including OS and personalization options. Oncedetermined, the corresponding virtual software image comprisingpersonalization option settings and digital assets, along with theirassociated digital assets entitlement data, is downloaded in step 878 tothe target system. Once downloaded, the personalization agent provisionsthe target system by using the digital assets entitlement data in step880 to install the virtual software image. A determination is then madein step 882 whether to perform peer-to-peer digital asset migrationoperations.

If so, then personalization agent installed on the target system usesthe unique system identifier of the target system in step 884 todetermine the previously cross-referenced unique system identifier ofthe source system. Once determined, the personalization agent on thetarget system uses the connectivity data (e.g., IP address, user ID,password, etc.) associated with the unique system identifier of thesource system to establish a communications session 886 with the sourcesystem. The personalization agent installed on the target system thenuses the cross-referenced unique identifier of the source system in step888 to identify which entitled digital assets are to be migrated fromthe source system to the target system. Then, in step 890, thepersonalization agent installed on the target system requests that thepersonalization agent installed on the source system migrate theidentified entitled digital assets to the target system. In response,the personalization agent installed on the source system uses thepreviously established communication session to perform a peer-to-peermigration of the requested entitled digital assets to the target systemin step 892.

The personalization agent installed on the target system thenautomatically installs the migrated entitled digital assets on thetarget system in step 894. Entitlements to the migrated digital assetsare then likewise migrated in step 896 by removing the digital assetbindings from the unique system identifier of the source system andcreating new digital asset bindings with the unique system identifier ofthe target system. The resulting entitlements to the digital assetsinstalled on the target system are then stored in the digital assetentitlement system. Thereafter, or if it was determined in step 882 notto perform peer-to-peer digital asset migration, then peer-to-peerdigital asset migration operations are then ended in step 898.

The present invention is well adapted to attain the advantages mentionedas well as others inherent therein. While the present invention has beendepicted, described, and is defined by reference to particularembodiments of the invention, such references do not imply a limitationon the invention, and no such limitation is to be inferred. Theinvention is capable of considerable modification, alteration, andequivalents in form and function, as will occur to those ordinarilyskilled in the pertinent arts. The depicted and described embodimentsare examples only, and are not exhaustive of the scope of the invention.

For example, the above-discussed embodiments include software modulesthat perform certain tasks. The software modules discussed herein mayinclude script, batch, or other executable files. The software modulesmay be stored on a machine-readable or computer-readable storage mediumsuch as a disk drive. Storage devices used for storing software modulesin accordance with an embodiment of the invention may be magnetic floppydisks, hard disks, or optical discs such as CD-ROMs or CD-Rs, forexample. A storage device used for storing firmware or hardware modulesin accordance with an embodiment of the invention may also include asemiconductor-based memory, which may be permanently, removably orremotely coupled to a microprocessor/memory system. Thus, the modulesmay be stored within a computer system memory to configure the computersystem to perform the functions of the module. Other new and varioustypes of computer-readable storage media may be used to store themodules discussed herein. Additionally, those skilled in the art willrecognize that the separation of functionality into modules is forillustrative purposes. Alternative embodiments may merge thefunctionality of multiple modules into a single module or may impose analternate decomposition of functionality of modules. For example, asoftware module for calling sub-modules may be decomposed so that eachsub-module performs its function and passes control directly to anothersub-module.

Consequently, the invention is intended to be limited only by the spiritand scope of the appended claims, giving full cognizance to equivalentsin all respects.

What is claimed is:
 1. A computer-implementable method for migratingentitled digital assets, comprising: receiving a first identifier and afirst set of entitlement data, the first identifier corresponding to afirst system, the first set of entitlement data corresponding to a firstset of digital assets installed on the first system; processing thefirst identifier and the first set of entitlement data to generate afirst set of digital asset entitlements entitling the first system touse the first set of digital assets; performing cross-referencingoperations to cross-reference the first identifier to a secondidentifier corresponding to a second system; receiving the secondidentifier and a request to migrate the first set of digital assets fromthe first system to the second system; processing the second identifierand the request to perform the migration; and processing the secondidentifier and the first set of entitlement data to generate a secondset of digital asset entitlements entitling the second system to use thefirst set of digital assets.
 2. The method of claim 1, wherein therequest is received from the second system.
 3. The method of claim 1,wherein the migration is performed in a peer-to-peer communicationssession between the first system and the second system.
 4. The method ofclaim 1, wherein the first identifier, the second identifier and thefirst set of entitlement data are processed upon completion of themigration to disentitle the first system to use the first set of digitalassets.
 5. The method of claim 1, wherein: the second system comprises asecond set of entitlement data corresponding to a second set of digitalassets installed on the second system; and the second identifier and thesecond set of entitlement data is processed to generate a third set ofentitlements entitling the second system to use the second set ofdigital assets.
 6. The method of claim 1, wherein: inventory operationsare performed on the first system to generate a list of installeddigital assets; the list of installed digital assets is processed togenerate a third set of entitlement data comprising a subset of thefirst set of entitlement data, the third set of entitlement datacorresponding to a subset of the first set of digital assets; the firstidentifier and the third set of entitlement data are processed togenerate the first set of entitlements.
 7. A system comprising: aprocessor; a data bus coupled to the processor; and a non-transitory,computer-readable storage medium embodying computer program code, thenon-transitory, computer-readable storage medium being coupled to thedata bus, the computer program code interacting with a plurality ofcomputer operations and comprising instructions executable by theprocessor and configured for: receiving a first identifier and a firstset of entitlement data, the first identifier corresponding to a firstsystem, the first set of entitlement data corresponding to a first setof digital assets installed on the first system; processing the firstidentifier and the first set of entitlement data to generate a first setof digital asset entitlements entitling the first system to use thefirst set of digital assets; performing cross-referencing operations tocross-reference the first identifier to a second identifiercorresponding to a second system; receiving the second identifier and arequest to migrate the first set of digital assets from the first systemto the second system; processing the second identifier and the requestto perform the migration; and processing the second identifier and thefirst set of entitlement data to generate a second set of digital assetentitlements entitling the second system to use the first set of digitalassets.
 8. The system of claim 7, wherein the request is received fromthe second system.
 9. The system of claim 7, wherein the migration isperformed in a peer-to-peer communications session between the firstsystem and the second system.
 10. The system of claim 7, wherein thefirst identifier, the second identifier and the first set of entitlementdata are processed upon completion of the migration to disentitle thefirst system to use the first set of digital assets.
 11. The system ofclaim 7, wherein: the second system comprises a second set ofentitlement data corresponding to a second set of digital assetsinstalled on the second system; and the second identifier and the secondset of entitlement data is processed to generate a third set ofentitlements entitling the second system to use the second set ofdigital assets.
 12. The system of claim 7, wherein: inventory operationsare performed on the first system to generate a list of installeddigital assets; the list of installed digital assets is processed togenerate a third set of entitlement data comprising a subset of thefirst set of entitlement data, the third set of entitlement datacorresponding to a subset of the first set of digital assets; the firstidentifier and the third set of entitlement data are processed togenerate the first set of entitlements.
 13. A non-transitory,computer-readable storage medium embodying computer program code, thecomputer program code comprising computer executable instructionsconfigured for: receiving a first identifier and a first set ofentitlement data, the first identifier corresponding to a first system,the first set of entitlement data corresponding to a first set ofdigital assets installed on the first system; processing the firstidentifier and the first set of entitlement data to generate a first setof digital asset entitlements entitling the first system to use thefirst set of digital assets; performing cross-referencing operations tocross-reference the first identifier to a second identifiercorresponding to a second system; receiving the second identifier and arequest to migrate the first set of digital assets from the first systemto the second system; processing the second identifier and the requestto perform the migration; and processing the second identifier and thefirst set of entitlement data to generate a second set of digital assetentitlements entitling the second system to use the first set of digitalassets.
 14. The non-transitory, computer-readable storage medium ofclaim 13, wherein the request is received from the second system. 15.The non-transitory, computer-readable storage medium of claim 13,wherein the migration is performed in a peer-to-peer communicationssession between the first system and the second system.
 16. Thenon-transitory, computer-readable storage medium of claim 13, whereinthe first identifier, the second identifier and the first set ofentitlement data are processed upon completion of the migration todisentitle the first system to use the first set of digital assets. 17.The non-transitory, computer-readable storage medium of claim 13,wherein: the second system comprises a second set of entitlement datacorresponding to a second set of digital assets installed on the secondsystem; and the second identifier and the second set of entitlement datais processed to generate a third set of entitlements entitling thesecond system to use the second set of digital assets.
 18. Thenon-transitory, computer-readable storage medium of claim 13, wherein:inventory operations are performed on the first system to generate alist of installed digital assets; the list of installed digital assetsis processed to generate a third set of entitlement data comprising asubset of the first set of entitlement data, the third set ofentitlement data corresponding to a subset of the first set of digitalassets; and the first identifier and the third set of entitlement dataare processed to generate the first set of entitlements.